797 matches found
Context IS Advisory - Autocomplete Data Theft in Mozilla Firefox
===============================ADVISORY=============================== Name: Autocomplete Data Theft in Mozilla Firefox Systems Affected: Mozilla Firefox 3.5, Mozilla Firefox 3.0 Severity: Moderate Category: Data Leakage Author: Context Information Security Ltd Advisory: 4 November 2009 CVE:...
Pentaho 1.7.0.1062 - Cross-Site Scripting / Information Disclosure
Pentaho 1.7.0.1062 Multiple Vulnerabilities Name Multiple Vulnerabilities in Pentaho Systems Affected Pentaho = 1.7.0.1062 Severity High Impact CVSSv2 High 7/10, vector: AV:N/AC:L/Au:S/C:P/I:C/A:P Vendor http://www.pentaho.com Advisory...
[AntiSnatchOr] Pentaho Bi-server multiple vulnerabilities
Pentaho 1.7.0.1062 Multiple Vulnerabilities Name Multiple Vulnerabilities in Pentaho Systems Affected Pentaho = 1.7.0.1062 Severity High Impact CVSSv2 High 7/10, vector: AV:N/AC:L/Au:S/C:P/I:C/A:P Vendor http://www.pentaho.com Advisory...
Ubuntu Update for firefox vulnerabilities USN-468-1
Ubuntu Update for Linux kernel vulnerabilities USN-468-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4681.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-468-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Read passwords stored in web browser
Added: 01/09/2009 Background This tool attempts to retrieve web site passwords which have been stored by Internet Explorer. Limitations A connection to the target is required to run this tool. Due to the encryption algorithm used by Internet Explorer, this tool can only retrieve passwords which...
Read passwords stored in web browser
Added: 01/09/2009 Background This tool attempts to retrieve web site passwords which have been stored by Internet Explorer. Limitations A connection to the target is required to run this tool. Due to the encryption algorithm used by Internet Explorer, this tool can only retrieve passwords which...
Read passwords stored in web browser
Added: 01/09/2009 Background This tool attempts to retrieve web site passwords which have been stored by Internet Explorer. Limitations A connection to the target is required to run this tool. Due to the encryption algorithm used by Internet Explorer, this tool can only retrieve passwords which...
Read passwords stored in web browser
Added: 01/09/2009 Background This tool attempts to retrieve web site passwords which have been stored by Internet Explorer. Limitations A connection to the target is required to run this tool. Due to the encryption algorithm used by Internet Explorer, this tool can only retrieve passwords which...
Design/Logic Flaw
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache...
CVE-2008-3644
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache...
Safari < 3.2 Multiple Vulnerabilities
Binary data 4754.prm...
Ubuntu 6.06 LTS / 6.10 / 7.04 : firefox vulnerabilities (USN-468-1)
Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2007-2867, CVE-2007-2868 A flaw was discovered in the form autocomplete feature. By tricking a user in...
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-3545)
This update brings Mozilla Thunderbird to security update version 1.5.0.12. - MFSA 2007-17 / CVE-2007-2871 : Chris Thomas demonstrated that XUL popups opened by web content could be placed outside the boundaries of the content area. This could be used to spoof or hide parts of the browser chrome...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the nodereference module in Drupal Content Construction Kit CCK before 4.7.x-1.6, and 5.x before 5.x-1.6 ,allow remote attackers to inject arbitrary web script or HTML via nodereference fields, when using 1 the plain formatter or 2 the...
CVE-2007-4363
CVE-2007-4363 affects the Drupal Content Construction Kit (CCK) nodereference module. The vulnerability exists in nodereference fields when using (1) the plain formatter or (2) the autocomplete text field widget without Views.module, allowing remote attackers to inject arbitrary web script or HTM...
CVE-2007-2869
The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service persistent temporary CPU consumption via a large number of characters in a submitted form...
CVE-2007-2869
The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service persistent temporary CPU consumption via a large number of characters in a submitted form...
CVE-2007-2869
The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service persistent temporary CPU consumption via a large number of characters in a submitted form...
Mozilla Foundation Security Advisory 2007-13
Mozilla Foundation Security Advisory 2007-13 Title: Persistent Autocomplete Denial of Service Impact: Low Announced: May 30, 2007 Reporter: Marcel Products: Firefox Fixed in: Firefox 2.0.0.4 Firefox 1.5.0.12 Description Marcel reported that a malicious web page could perform a denial of service...
Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)
The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service persistent temporary CPU consumption via a large number of characters in a submitted form...